CISA orders federal civilian agencies to patch Log4j vulnerability and 12 others by December 24

The US Cybersecurity and Infrastructure Security Agency has ordered all civilian federal agencies to patch the Log4j vulnerability and three others by December 24, adding it to the organization’s Known…

Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

Log4j zero-day flaw: What you need to know and how to protect yourself

A flaw in Log4j, a Java library for logging error messages in applications, is the most high-profile security vulnerability on the internet right now and comes with a severity score…

Moobot Botnet Chews Up Hikvision Surveillance Systems

Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned. Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder (NVR) products…

Hack-and-leak group Black Shadow keeps targeting Israeli victims

Written by AJ Vicens Dec 6, 2021 | CYBERSCOOP In October, a little-watched hacking group called Black Shadow went public with data it appeared to have stolen from an Israeli…

Australia set to gain ability to sanction cyber attackers under 'Magnitsky-style' law

A Bill allowing Australia to directly issue sanctions against cyber attackers was unanimously passed by the Senate yesterday evening, and is set to appear before the lower house for another…

Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky. Ransomware…

Security warning: Ransomware attackers are working on the holidays, even if you aren't

Ahead of Thanksgiving this Thursday, the US Cybersecurity and Infrastructure Agency (CISA) and the FBI have released a warning for critical infrastructure providers to stay vigilant on holidays and weekends,…

Iranians Charged in Cyberattacks Against U.S. 2020 Election

The State Department has offered a $10M reward for tips on the two Iran-based threat actors accused of voter intimidation and disinformation. The U.S. Department of Justice has unsealed charges…

FBI issues flash alert after APT groups exploited VPN flaws

With this flaw, FatPipe joins the list of VPN providers that have faced a similar situation in the past, including Fortinet, Cisco, Pulse Secure, and Citrix. The Federal Bureau of…